U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:microsoft:malware_protection_engine:1.1.14306.0:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 9 matching records.
Displaying matches 1 through 9.
Vuln ID Summary CVSS Severity
CVE-2022-24548

Microsoft Defender Denial of Service Vulnerability.

Published: April 15, 2022; 3:15:12 PM -0400
V3.1: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2021-42298

Microsoft Defender Remote Code Execution Vulnerability

Published: November 09, 2021; 8:19:47 PM -0500
V3.1: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2021-34471

Microsoft Windows Defender Elevation of Privilege Vulnerability

Published: August 12, 2021; 2:15:08 PM -0400
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2021-34522

Microsoft Defender Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34464.

Published: July 14, 2021; 2:15:12 PM -0400
V3.1: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2021-31985

Microsoft Defender Remote Code Execution Vulnerability

Published: June 08, 2021; 7:15:09 PM -0400
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2021-31978

Microsoft Defender Denial of Service Vulnerability

Published: June 08, 2021; 7:15:09 PM -0400
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2017-11940

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to remote code execution. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability". This is different than CVE-2017-11937.

Published: December 08, 2017; 9:29:00 AM -0500
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-11937

The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file leading to remote code execution. aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability".

Published: December 07, 2017; 12:29:00 PM -0500
V3.0: 7.8 HIGH
V2.0: 9.3 HIGH
CVE-2006-5270

Integer overflow in the Microsoft Malware Protection Engine (mpengine.dll), as used by Windows Live OneCare, Antigen, Defender, and Forefront Security, allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file.

Published: February 13, 2007; 3:28:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH